Investigate and respond to complex security incidents hands-on (malware, forensics, attribution) including credential compromise, data exfiltration, supply-chain, and cryptomining.
Lead high-severity incident response: scope blast radius, coordinate containment, guide remediation, and communicate with customers.
Own the response-to-automation flywheel: capture investigation patterns, translate them into detection rules and auto-remediation, and measure impact.
Build mechanisms enabling every engineer to contribute detection rules, automation playbooks, and AI training data; establish AI feedback loops to improve autonomous investigations.
Define and track metrics (false positives, auto-resolution coverage, engineer contributions); mentor junior engineers on methodology and artifacts.
Participate in on-call rotations (24/7 follow-the-sun), including weekends.
Tech stack
Required skills
5+ years in scripting/programming or security code review in Python, Java, or C++
Bachelor's degree in CS/CE/Cybersecurity or related
Fluent Japanese (speaking, reading, writing)
5+ years non-internship experience troubleshooting systems, log analysis, CLI automation, and security mitigation
Experience identifying vulnerabilities/attack patterns and remediation, including mentoring/leadership
Preferred skills (if applicable)
Master’s degree in CS/InfoSec or related
Experience in automation or monitoring frameworks, deployment, or development
Knowledge of enterprise IT security standards/compliance
Certifications (GCIH, GSEC, GREM, GCFA, CISSP or equivalent)
Experience with AWS security operations (GuardDuty, CloudTrail, Security Hub, IAM)
Career growth perspective
Scale and impact: 24/7 security operations, building AI-driven investigation and auto-remediation pipelines that reduce manual effort and accelerate detection.
Leadership and architecture: mentoring, shaping detection rules, and metrics-driven improvements, with opportunities to move toward senior/lead security engineer or security architect paths.
Cross-functional exposure: collaboration with leadership, customers, and diverse teams to influence security practices at AWS scale and deepen cloud-security expertise.